Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/bd8900-ec95-475b-89b7-b4f2977d196b/1/1K5pV43Ol3ozqindV8oZD6aHd_o.mft
File:                     1K5pV43Ol3ozqindV8oZD6aHd_o.mft (raw, json)
Hash identifier:          2di3HNyti/7mZrkC/aRjtZDYtb6P9D5/1WQjz8PJuvk=
Subject key identifier:   08:E1:AB:1B:AD:DA:BB:C5:C6:99:78:E9:FA:14:75:2D:BA:69:42:11
Authority key identifier: D4:AE:69:57:8D:CE:97:7A:33:AA:29:DD:57:CA:19:0F:A6:87:77:FA
Certificate issuer:       /CN=d4ae69578dce977a33aa29dd57ca190fa68777fa
Certificate serial:       0196BB91F2FDA334095A43214CABD35FDEE0
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/1K5pV43Ol3ozqindV8oZD6aHd_o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/71/bd8900-ec95-475b-89b7-b4f2977d196b/1/1K5pV43Ol3ozqindV8oZD6aHd_o.mft
Manifest number:          0BA9
Signing time:             Sat 10 May 2025 19:00:26 +0000
Manifest this update:     Sat 10 May 2025 19:00:26 +0000
Manifest next update:     Sun 11 May 2025 19:00:26 +0000
Files and hashes:         1: 1K5pV43Ol3ozqindV8oZD6aHd_o.crl (hash: rTUfVBKgxgAMZ8H3YDOQ0Vu1zlbZLXbduBRV5iA9KBw=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/71/bd8900-ec95-475b-89b7-b4f2977d196b/1/1K5pV43Ol3ozqindV8oZD6aHd_o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/71/bd8900-ec95-475b-89b7-b4f2977d196b/1/1K5pV43Ol3ozqindV8oZD6aHd_o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/1K5pV43Ol3ozqindV8oZD6aHd_o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 11 May 2025 19:00:26 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:96:bb:91:f2:fd:a3:34:09:5a:43:21:4c:ab:d3:5f:de:e0
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d4ae69578dce977a33aa29dd57ca190fa68777fa
        Validity
            Not Before: May 10 19:00:26 2025 GMT
            Not After : May 11 19:00:26 2025 GMT
        Subject: CN=08e1ab1baddabbc5c69978e9fa14752dba694211
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ba:ae:cb:aa:de:a7:2e:4d:45:5d:47:7b:98:f8:
                    d6:37:fa:7b:48:f0:df:39:61:18:3b:80:8a:dc:f5:
                    c0:59:dc:70:48:e4:69:3e:8b:b3:82:b4:37:cb:dc:
                    25:2d:66:4b:4d:23:78:a1:b0:08:b9:f1:6b:33:e7:
                    45:f3:89:ae:f4:b9:84:d3:d0:32:31:0e:74:28:29:
                    41:51:25:70:ed:0c:70:a2:af:f8:9f:1a:ea:f9:29:
                    c3:c1:91:f3:e0:fb:ba:a1:34:ed:f1:47:3c:ab:f2:
                    4d:cf:85:e0:50:8a:cc:00:22:34:69:2f:5d:b7:c1:
                    c5:e8:99:54:0c:d4:12:62:60:9b:3a:df:a8:08:38:
                    b2:8b:30:1e:6b:8d:ad:16:90:fc:c8:cd:0d:d3:8f:
                    19:df:8d:02:ee:96:d8:e4:26:75:2a:b3:4c:6c:96:
                    ec:3c:45:1d:90:0c:94:b7:b5:a1:66:2c:39:b0:1a:
                    8d:98:eb:49:3f:f1:61:5d:10:6b:df:f3:f3:2a:9b:
                    00:59:c8:49:67:5c:e6:90:69:20:a8:f6:5d:fa:ae:
                    c8:ef:14:6c:95:39:fb:aa:09:4b:a8:78:8a:a9:a0:
                    1c:25:75:e5:ea:2e:9f:f8:ff:b6:5c:ab:1f:d7:a5:
                    b2:5a:a1:e4:c2:3a:41:f9:7b:34:36:f8:db:ef:7a:
                    8b:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                08:E1:AB:1B:AD:DA:BB:C5:C6:99:78:E9:FA:14:75:2D:BA:69:42:11
            X509v3 Authority Key Identifier:
                keyid:D4:AE:69:57:8D:CE:97:7A:33:AA:29:DD:57:CA:19:0F:A6:87:77:FA

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1K5pV43Ol3ozqindV8oZD6aHd_o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/bd8900-ec95-475b-89b7-b4f2977d196b/1/1K5pV43Ol3ozqindV8oZD6aHd_o.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/71/bd8900-ec95-475b-89b7-b4f2977d196b/1/1K5pV43Ol3ozqindV8oZD6aHd_o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         93:7d:27:d9:b2:90:7b:a9:59:e2:9d:9f:ea:8f:1f:ec:d6:a1:
         82:5f:ed:b3:6e:ca:1b:52:43:85:4e:a5:b0:3d:9c:6b:36:78:
         eb:58:09:75:09:4b:50:69:0d:88:70:aa:38:9d:00:6a:a9:fa:
         0b:c2:1a:ba:95:39:06:c5:ed:d6:37:eb:8d:ec:2a:2d:fc:a5:
         dc:90:71:f2:a8:34:4b:3b:db:b8:9b:45:2d:e7:db:71:9a:c5:
         86:b5:17:30:d2:b5:a7:27:43:60:6a:11:22:c8:fc:e1:52:57:
         6b:47:ec:f7:04:83:bc:30:03:22:f7:94:15:3c:72:a8:ce:40:
         bd:58:78:31:1e:9c:e0:63:03:8f:9b:87:5f:64:4e:cb:5f:5c:
         ef:36:01:c2:86:a4:e8:49:3a:ed:e1:87:d6:99:01:d0:44:31:
         94:3e:63:82:83:bd:bb:ce:70:e7:9d:76:26:7a:0a:08:8b:73:
         02:ac:80:21:30:74:31:9b:80:d4:16:ef:96:19:0c:ab:a2:21:
         70:e6:b1:c3:ec:32:fc:61:1d:80:13:f9:60:dc:14:6b:23:ff:
         bd:23:9b:6e:aa:a4:ca:8c:97:71:5b:67:eb:93:6a:d3:71:d7:
         a1:31:ef:90:b9:b9:eb:d8:9c:0a:e2:66:e7:0e:1a:99:5e:f9:
         f2:56:68:7d
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZa7kfL9ozQJWkMhTKvTX97gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0YWU2OTU3OGRjZTk3N2EzM2FhMjlkZDU3Y2ExOTBmYTY4
Nzc3ZmEwHhcNMjUwNTEwMTkwMDI2WhcNMjUwNTExMTkwMDI2WjAzMTEwLwYDVQQD
EygwOGUxYWIxYmFkZGFiYmM1YzY5OTc4ZTlmYTE0NzUyZGJhNjk0MjExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuq7Lqt6nLk1FXUd7mPjWN/p7SPDf
OWEYO4CK3PXAWdxwSORpPouzgrQ3y9wlLWZLTSN4obAIufFrM+dF84mu9LmE09Ay
MQ50KClBUSVw7Qxwoq/4nxrq+SnDwZHz4Pu6oTTt8Uc8q/JNz4XgUIrMACI0aS9d
t8HF6JlUDNQSYmCbOt+oCDiyizAea42tFpD8yM0N048Z340C7pbY5CZ1KrNMbJbs
PEUdkAyUt7WhZiw5sBqNmOtJP/FhXRBr3/PzKpsAWchJZ1zmkGkgqPZd+q7I7xRs
lTn7qglLqHiKqaAcJXXl6i6f+P+2XKsf16WyWqHkwjpB+Xs0Nvjb73qLOQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFAjhqxut2rvFxpl46foUdS26aUIRMB8GA1UdIwQY
MBaAFNSuaVeNzpd6M6op3VfKGQ+mh3f6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUs1cFY0M09sM296cWluZFY4b1pENmFIZF9vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS9iZDg5MDAtZWM5NS00NzViLTg5Yjct
YjRmMjk3N2QxOTZiLzEvMUs1cFY0M09sM296cWluZFY4b1pENmFIZF9vLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS9iZDg5MDAtZWM5NS00NzViLTg5YjctYjRmMjk3N2QxOTZi
LzEvMUs1cFY0M09sM296cWluZFY4b1pENmFIZF9vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAk30n2bKQ
e6lZ4p2f6o8f7Nahgl/ts27KG1JDhU6lsD2cazZ461gJdQlLUGkNiHCqOJ0Aaqn6
C8IaupU5BsXt1jfrjewqLfyl3JBx8qg0SzvbuJtFLefbcZrFhrUXMNK1pydDYGoR
Isj84VJXa0fs9wSDvDADIveUFTxyqM5AvVh4MR6c4GMDj5uHX2ROy19c7zYBwoak
6Ek67eGH1pkB0EQxlD5jgoO9u85w5512JnoKCItzAqyAITB0MZuA1BbvlhkMq6Ih
cOaxw+wy/GEdgBP5YNwUayP/vSObbqqkyoyXcVtn65Nq03HXoTHvkLm569icCuJm
5w4amV758lZofQ==
-----END CERTIFICATE-----